DNS Mystery

October 18, 2008


I have been fighting a DNS problem for over a month now and cannot find a solution. The dilemma is regarding a domain that I used to have on my servers. For about a year, the MX records for the domain of a European company were changed to point at my mail server in the US. That transition went very smoothly and quickly. However, I discovered from the very beginning that this domain was constantly under attack from spammers sending viruses, Trojans, malware and other miscellaneous SPAM. Most of the E-mail addresses were bogus and easily discarded by my security software. However, the volume was extraordinary. I went from 600 messages per day on my server to 220,000 per day almost overnight. It was dragging my systems down to a crawl. I was not prepared to handle this type of volume. Just the I/O in accepting SMTP connections and then discarding the mail was effectively causing a denial-of-service attack on my network.

Then, about a month ago, the entire domain was turned over to my employer. We updated all of the records in DNS and I thought this nightmare would be over in about 24-72 hours as the DNS records were updated throughout the Internet. Well, here it is over a month later and I am still getting at least 60,000 messages per day for that domain! The rest are correctly going to the new location. It is driving me nuts and I cannot think of a solution. There must be some DNS server(s) that have an old cached copy and are not obtaining updates of these DNS records. My guess is that they are located in Europe because that is where almost all of the SPAM is coming from. I cannot think of any way to track down rogue DNS servers to correct this awful situation.

Any ideas, suggestions or solutions are highly welcome.

Article by Steve Van Domelen
